Exploiting P2P systems for DDoS attacks

Authors:
Naoum Naoumov;Keith Ross
Affiliations:
Polytechnic University, Brooklyn, NY;Polytechnic University, Brooklyn, NY
Venue:
InfoScale '06 Proceedings of the 1st international conference on Scalable information systems
Year:
2006

Citing 11
Cited 22

Query-flood DoS attacks in gnutella

Proceedings of the 9th ACM conference on Computer and communications security
Mapping the Gnutella Network

IEEE Internet Computing
IP Traceback-Based Intelligent Packet Filtering: A Novel Technique for Defending against Internet DDoS Attacks

ICNP '02 Proceedings of the 10th IEEE International Conference on Network Protocols
Kademlia: A Peer-to-Peer Information System Based on the XOR Metric

IPTPS '01 Revised Papers from the First International Workshop on Peer-to-Peer Systems
Pastry: Scalable, Decentralized Object Location, and Routing for Large-Scale Peer-to-Peer Systems

Middleware '01 Proceedings of the IFIP/ACM International Conference on Distributed Systems Platforms Heidelberg
Tapestry: An Infrastructure for Fault-tolerant Wide-area Location and

Tapestry: An Infrastructure for Fault-tolerant Wide-area Location and
Hop-count filtering: an effective defense against spoofed DDoS traffic

Proceedings of the 10th ACM conference on Computer and communications security
Preventing Internet denial-of-service with capabilities

ACM SIGCOMM Computer Communication Review
Internet Denial of Service: Attack and Defense Mechanisms (Radia Perlman Computer Networking and Security)

Internet Denial of Service: Attack and Defense Mechanisms (Radia Perlman Computer Networking and Security)
The FastTrack overlay: a measurement study

Computer Networks: The International Journal of Computer and Telecommunications Networking - Overlay distribution structures and their applications
Inferring internet denial-of-service activity

SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10

Exploiting KAD: possible uses and misuses

ACM SIGCOMM Computer Communication Review
A global view of kad

Proceedings of the 7th ACM SIGCOMM conference on Internet measurement
A measurement study of the structured overlay network in P2P file-sharing systems

Advances in Multimedia
BotTorrent: misusing BitTorrent to launch DDoS attacks

SRUTI'07 Proceedings of the 3rd USENIX workshop on Steps to reducing unwanted traffic on the internet
Antisocial Networks: Turning a Social Network into a Botnet

ISC '08 Proceedings of the 11th international conference on Information Security
Attacking the Kad network

Proceedings of the 4th international conference on Security and privacy in communication netowrks
P2P Networking and Applications

P2P Networking and Applications
Measurement and mitigation of BitTorrent leecher attacks

Computer Communications
Incentive cooperation strategies for peer-to-peer live multimedia streaming social networks

IEEE Transactions on Multimedia - Special section on communities and media computing
The WOMBAT Attack Attribution Method: Some Results

ICISS '09 Proceedings of the 5th International Conference on Information Systems Security
Active measurement of routing table in Kad

CCNC'09 Proceedings of the 6th IEEE Conference on Consumer Communications and Networking Conference
P2P attack taxonomy and relationship analysis

ICACT'09 Proceedings of the 11th international conference on Advanced Communication Technology - Volume 2
P2P DDoS: challenges and countermeasures

FSKD'09 Proceedings of the 6th international conference on Fuzzy systems and knowledge discovery - Volume 7
Accountable file indexing against DDoS attacks in peer-to-peer networks

GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
Secure peer sampling

Computer Networks: The International Journal of Computer and Telecommunications Networking
Preventing DDoS attacks on internet servers exploiting P2P systems

Computer Networks: The International Journal of Computer and Telecommunications Networking
Cooperation stimulation strategies for peer-to-peer wireless live video-sharing social networks

IEEE Transactions on Image Processing
What is the impact of p2p traffic on anomaly detection?

RAID'10 Proceedings of the 13th international conference on Recent advances in intrusion detection
Poisoning the Kad network

ICDCN'10 Proceedings of the 11th international conference on Distributed computing and networking
Review: A survey on content-centric technologies for the current Internet: CDN and P2P solutions

Computer Communications
Performance evaluation of large-scale dynamic systems

ACM SIGMETRICS Performance Evaluation Review
eDonkey & eMule's Kad: Measurements & Attacks

Fundamenta Informaticae

Quantified Score

Hi-index	0.00

Visualization

Abstract

When a P2P system has millions of concurrently active peers, there is the risk that it could serve as a DDoS engine for attacks against a targeted host. In this paper we describe two approaches to creating a DDoS engine out of a P2P system: the first involves poisoning the distributed index in the peers; the second involves poisoning the routing tables in the peers. For both approaches, the targeted host does not have to be a participant in the P2P system, and could be a web server, a mail server, or a user's desktop. We then examine these two poisoning attacks in Overnet, a popular DHT-based P2P file-sharing system. By using limited poisoning attacks of short duration on Overnet's indexing and routing tables, we create DDoS attacks against a targeted host. We find that with modest effort, both DDoS attacks can direct significant traffic from diverse peers to the target.